Summary

The emails arrive bearing subject lines such as “State Vaccination H1N1 Program,” “Governmental registration program on the H1N1 vaccination,” and “Create your personal Vaccination Profile.” Purportedly from the Centers for Disease Control, the messages urge recipients to register for H1N1 vaccinations.

The problem is they’re bogus.

The messages lead users to an official-looking CDC site where they’re asked to create a profile in order to receive a vaccination for the swine flu. The site encourages users to download a vaccination profile archive and includes a link to the download.

Clicking on the link, however, actually downloads and installs a new variant of the “Zbot” Trojan horse. Called “Zeus” by some security companies, the malware is a bot Trojan that hijacks the Windows PC for nefarious activities, including sending out more spam.

It’s just the latest example of the way malware authors and spammers use current events to lure unsuspecting users into downloading malware, buying products, and falling for scams.

Over the past year fraudsters have also sought to capitalize on news surrounding
NCAA March Madness, the crash of Air France Flight 447, Serena Williams, the deaths of Michael Jackson and Patrick Swayze, and the misadventures of Tiger Woods.

In fact, we’ve reached the stage where no popular story goes unnoticed, and we can only expect more of the same as major world events such as the 2010 FIFA Soccer World Cup and Winter Olympics get nearer.

And it’s not just email that can lead users astray. The creators of rogue antivirus or misleading application software are getting in on the act as well. They attempt to “poison” Web search engine results to take advantage of the spike in Web search activity that accompanies a popular story. (See “What You Need to Know About Search Engine ‘Poisoning.’”)

To see how these misleading applications behave, view this video made by Symantec Security Response.